Skip to content

Latest commit

 

History

History
314 lines (314 loc) · 18.1 KB

README.md

File metadata and controls

314 lines (314 loc) · 18.1 KB

Data-Acquisition-OSINT

You can find links to data acquisition websites, all on the clear-web. Some sites will charge you for their service, however some will also offer a small amount of data for free. From a CTI perspective it is important for organisations, whether in the public or private sector to understand what risks exist that might make them vulnerable. These resources are not just for OSINT investigations, they are also for individuals to be able to check for your own data. You may have to check more tham one resource to truely understand the risk and exposure, as they tend to hold different data.

Public data and publically available data are two different concepts. Within the UK and the US individual local authority areas / states have there own local public data searches available, to many for rme to list here. The same is true of many other counteries.

It is always important to understand and acknowledge that for certain types of data, you have to consider the following, Legislation, Lawfulness, Regulations, Ethics, Morals and Polices. Be under no illusion, in some countries and jurisdictions certain types of data maybe out of bounds for some OSINT practitioners and I recommend you understand those limitations placed upon you before embarking on acquiring data for OSINT, especially when it comes to the lawfulness of your activity.

It is important to remember Data Acquisition OSINT is not just about one stream of Data. It includes both Public Data and Publicly Available Data.  You must ensure that if you acquire data for OSINT that you use it responsibly and lawfully regardless of its origins. This is the same of any OSINT material you acquire.

Another stream of data worth considering is Data Broker data. Data collected when you sign up for an online service or when you download an app, and is then subsequently sold to Data Brokers. This is then aggregated with other Public Data and Publicly Available Data and combined to provide a product to sell, You can find some of these sites on the People Search repo.

         
People Search

When researching data sites always be careful what you click or download as malware maybe present. Telegram is included however you will have to find groups and bots on the platfrom and these change frequently. You can check my Telegram repository for more resources.

Telegram

If you find your data on a site, and it is a reputable site, it may offer you a means to remove it. You could also consider other ways to remove it, such as rights under GDPR or CCPA as examples. You will find some resources in my Privacy Opt-Out repository that may help too.

Privacy Opt-Out
                                                                                                                                               
Table of Contents
File / Directory OSINT
Google CSE
Publicly Available Data
Public Data
Paste Sites
Ransomware / CTI
Reverse Hash Sites
News
Videos
     
                   
File / Directory OSINT
   
Google CSE
   
Publicly Available Data Acquisition Sites
Public Data Acquisition Sites
Paste Sites
Ransomware / Cyber Threat Intelligence
   
Reverse Hash Sites
   
News
   
Videos
  • SANS
  • Breach Data Infrastructure. (2024)